Sonar_Integration_with_Jenkins.MD

SonarQube Integration with Jenkins

Integration SonarQube server with Jenkins is necessary to store your reports. Follow below steps to enable that.

Follow this in YouTube

Prerequisites

1. SonarQube Server Get Help here
2. Jenkins Server Get Help here

Implementation

Login to Jenkins server and install sonarqube scanner.

• SonarQube scanner URL : https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner
• Package : https://sonarsource.bintray.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.2.0.1227-linux.zip

# wget https://sonarsource.bintray.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.2.0.1227-linux.zip
# unzip sonar-scanner-cli-3.2.0.1227-linux.zip
# mv sonar-scanner-3.2.0.1227-linux /opt/sonar_scanner 

Set SonarQube server details in sonar-scanner property file

• Sonar properties file: /opt/sonar_scanner/conf/sonar-scanner.properties
  • sonar.host.url=http://<SONAR_SERVER_IP>:9000

Login to Jenkins GUI console and install " SonarQube scanner" plugin

• Manage Jenkins > Manage Plugins > Avalable > SonarQube scanner

Configure SonarQube scanner home path

• Manage Jenkins > Global Tool Configuration > SonarQube Scanner
  • Name : sonar_scanner
  • SONAR_RUNNER_HOME : /opt/sonar_scanner

Configure SonarQube server name and authentication token

• Manage Jenkins > Configure Systems > SonarQube Servers
  • Name : SonarQube
  • ServerURL : http://<Sonarqube_server>:9000/sonar
  • Server authentication token To Get Authentication code follow below steps. Login to SonarQube server as a admin My Account > Security > Generate Token

Create a job to test SonarQube. Provide below sonar properties details in the job under build

• Build:
  • Execute SonarQube Scanner > Analysis properties (it is mandatary).
    • sonar.projectKey=Valaxy
    • sonar.projectName=ValaxyDemo
    • sonar.projectVersion=1.0
    • sonar.sources=/var/lib/jenkins/workspace/$JOB_NAME/<PROJECT_NAME>/src

Execute job to get analysis report.

Next Step

•  Nexus Installation

from : https://github.com/ValaxyTech/DevOpsDemos/blob/master/SonarQube/Sonar_Integration_with_Jenkins.MD

sonarqube-docker-compose.yml

version: "3"
	services:
	sonarqube:
	image: sonarqube
	expose:
	- 9000
	ports:
	- "127.0.0.1:9000:9000"
	networks:
	- sonarnet
	environment:
	- SONARQUBE_JDBC_URL=jdbc:postgresql://db:5432/sonar
	- SONARQUBE_JDBC_USERNAME=sonar
	- SONARQUBE_JDBC_PASSWORD=sonar
	volumes:
	- sonarqube_conf:/opt/sonarqube/conf
	- sonarqube_data:/opt/sonarqube/data
	- sonarqube_extensions:/opt/sonarqube/extensions
	- sonarqube_bundled-plugins:/opt/sonarqube/lib/bundled-plugins
	db:
	image: postgres
	networks:
	- sonarnet
	environment:
	- POSTGRES_USER=sonar
	- POSTGRES_PASSWORD=sonar
	volumes:
	- postgresql:/var/lib/postgresql
	- postgresql_data:/var/lib/postgresql/data
	networks:
	sonarnet:
	volumes:
	sonarqube_conf:
	sonarqube_data:
	sonarqube_extensions:
	sonarqube_bundled-plugins:
	postgresql:
	postgresql_data:

from : https://gist.github.com/Warchant/0d0f0104fe7adf3b310937d2db67b512

SonarQube with Jenkins Setup using Docker Images

Final Configuration

We want to have two Docker containers running on the same host – one container will be for Jenkins and the other for SonarQube. The Jenkins container will also have sonar-scanner running locally to perform the code quality inspections.

Jenkins Installation

• Download the official Jenkins image from Docker Hub with this docker command:

docker pull jenkins/jenkins

This will download the Jenkins image with the latest tag. Running docker images should show this docker image in the local repository:

jenkins/jenkins: latest

Note that there has been some confusion about which Jenkins image is the official one which this article clarifies.

• start a new Jenkins container from the downloaded image with the following command:

docker run -d -p 8080:8080 -p 50000:50000 --name jenkins-article jenkins/jenkins:latest

This creates a new Docker container and starts Jenkins on port 8080 with the container name jenkins-article.

• access http://localhost:8080 to show the initial Jenkins unlock screen:

• paste the pre-generated admin password which will be in the file location specified as well as on the console output during the previous docker run command:

• install the suggested plugins on the Customized Jenkins screen

• create the first admin user and click through to next screen

• click Save and Finish on the Instance Configuration screen

• click Start using Jenkins on the final screen:

• you should now have a ready to use Jenkins server:

• install SonarQube Scanner Jenkins plugin (Manage Jenkins > Manage Plugins > Available)

SonarQube Installation

• Download the official SonarQube image from Docker Hub with this docker command:

docker pull sonarqube

This will download the SonarQube image with the latest tag. Running docker images should show this docker image in the local repository:

sonarqube: latest

• start a new SonarQube container from the downloaded image with the following command:

docker run -d --name sonarqube-article -p 9000:9000 sonarqube

This creates a new Docker container and starts SonarQube on port 9000 with the container name sonarqube-article.

• access http://localhost:9000 to show the initial SonarQube screen:

Note that you might need to wait a few seconds while SonarQube is starting to see this screen.

• login to SonarQube with the default admin user and admin password
• skip the tutorial to generate a new token

SonarQube Scanner Configuration

SonarQube Scanner (aka Sonar Scanner) is a stand alone tool that does the actual scanning of the source code and sends results to the SonarQube Server. In our simple setup, we will install Sonar Scanner on the same container as Jenkins, but in a production environment it would most likely be on a separate machine/container/VM.

• access the Jenkins Docker container from a bash shell like this:

docker exec -it jenkins-article bash

where jenkins-article is the name of the Jenkins container.

• create sonar-scanner directory under /var/jenkins_home
• download SonarQube Scanner onto the container from the sonar-scanner directory with wget:

wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.3.0.1492-linux.zip

• unzip the Sonar Scanner binary:

unzip sonar-scanner-cli-3.3.0.1492-linux.zip

• update Jenkins to point to sonar-scanner binary (Manage Jenkins > Global Tool Configuration > SonarQube Scanner); you will need to uncheck “Install automatically” so you can explicitly set SONAR_RUNNER_HOME

Configuring Jenkins and SonarQube

After Jenkins and SonarQube are running inside their own docker containers, it’s time to configure them to communicate with each other.

• get IP address of host by executing from the host:

ifconfig

Look for the IP address listed for en0 > inet:

This returned 192.168.0.13 which will be used for both Jenkins and SonarQube configuration. Note that if you change networks, you will have to update the IP address on Jenkins and SonarQube to be the new host IP. For a more flexible IP assignment that won’t need to be updated if the host IP changes, you can leverage networking with a Docker Compose file.

• add webhook in SonarQube to point to Jenkins (Administration > Configuration > Webhooks); URL will be in the format http://<host_ip>:8080/sonarqube-webhook  (http://192.168.0.13:8080/sonarqube-webhook)

• in SonarQube, generate an access token that will be used by Jenkins (My Account > Security > Tokens)

• in Jenkins, add the SonarQube Server IP address and the access token (Manage Jenkins > Configure System > SonarQube Servers); URL will be in the format http://<host_ip>:9000   (http://192.168.0.13:9000)

Conclusion

You now have SonarQube and Jenkins configured to work together locally within Docker containers. You can now create Jenkins pipeline jobs to start analyzing your projects.

from : https://funnelgarden.com/sonarqube-jenkins-docker/